+ Are you able to observe the spikes or drops when you initiate the Ping from egress interface to FW1 to egress interface of FW2 which is connected to 10Mbps line?---- I am getting good, solid PING from egress to FW1 and same with egress to FW2. Clean no latency or dropped packets
+ What is the result when ping is initiated from ingress interface of FW1 to ingress interface of FW2? ---- I get “NO SUCCESS”. This is when tried from CLI.
+ Have you tested if the communication between Domain Authentication to WINDOWS Server 2012 works fine without the VPN? ------ Domain Authentication works well. No errors or lag.
+ Check if the all interfaces are configured to full duplex by the command : get int <interface name> and also the switch ports are configured to full duplex or not ? ---- Full Duplex on both Firewall and SWITCHES
+ Are you able to observe any VPN flaps or interface flaps in the <get event> ? ------- I am not seeing any VPN Flap.
+ What are CPU levels on the firewall by the command : get perf cpu all detail ? ----- Average System Utilization is 1%
+ Can you try change encryption algorithm to DES and check if the performance gets improved or not? ---- This will be difficult as I am sole IT and the buildings are located about 45 minutes from each other. Won’t the switch from 3DES to DES disrupt the VPN connection?